From

Thank you

Sorry

Traci (not her real name) is a college student who posts her picture at a popular Web site called HotorNot.com. This is an ego site, where people submit pictures of themselves and, once approved through HotorNot's 1,000 volunteer "content screeners," are posted for "rating" by other visitors of the site. Only clean photos here. No e-mail addresses, either. Meeting messages are proxied through HotorNot servers.

Traci's picture is there, in which she is leaning thoughtfully on a stool wearing a tank top and shorts. A right click away is the HTML source code of the picture, including the HTTP address to where that photo is actually stored -- her personal Web site. Erase "/~pix1" from the browser and you get her home page. And on her home page is the name of her college, her hometown and her dormitory phone number.

As of last month, 670,000 budding young stars have posted their mugs up on the site, many of whom are traceable through their own HTML code. And try as he might, HotorNot CEO James Hong can't get them to stop linking their photos to their sites this way.

"The Web address of your photo will be visible to all visitors to this site. If you value your privacy, make sure it cannot be used to track your personal contact information." This disclaimer sits in the center of HotorNot's submit page, in bold type. But Shawn Key, CEO of e-Tesla Inc., an information security company in Manassas, Va., turned over five home page Web addresses during a 15-minute scroll through the HotorNot gallery.

Key says he thinks HotorNot has a moral responsibility to store all photo submissions on its own servers to prevent these photos from leading to personal Web sites. Hong says finances haven't allowed for such capacity yet. Besides, he adds, customers prefer control over their own photos. And many of them want to be found.

"When we stopped allowing [HotorNot users] to put their e-mail addresses on their pictures, I can't tell you how many complaints I got," says Hong. "There are some people who want to be exposed. This is a huge phenomena on the Web right now. People are writing newsletters and Web logs and there's a craze right now to write entire journals on the Web for others to see."

But Key and Hong both agree on one thing: People online need to learn to protect their privacy better.

"We should educate people about what information they post on their Web sites," Hong says.

To call her naive would unleash her wrath. But 'Traci' says she's already educated. She just doesn't worry about her privacy like older people do.

"I appreciate your concern, but I definitely know how much information HotorNot gives away. I've submitted numerous pictures to the site just for fun, knowing full well that anyone can get my personal information," she writes at the start of an e-mail, the address of which is posted on her Web site. "I am fully aware of all the potential dangers of the Internet and indeed have had my run-in with a guy who became obsessed with me [in the past]."

She develops her Web sites for her enjoyment, she adds. She concludes that it's really a generational thing. "As a member of this technological generation, we know more about certain things than our older counterparts admit or understand," she says.

Key says he thinks further education is needed at the college level. Since many of these HotorNot sites are linked to college servers, he suggests computer science professors teach their Web development students to better value their privacy. And Hong thinks that those who do post personal Web sites should do so anonymously through services like Yahoo Geocities.

"I'm wary of this article becoming a self-fulfilling prophesy," Hong says. "We talked about it around here. We don't want stalkers out there to go, 'I read this article and I'm going to do it'"